US authorities sentenced a Russian man to 46 months in prison and accused him of infecting tens of thousands of servers worldwide with a Linux malware to generate millions in fraudulent payments.
The man, Maxim Senakh (41), of Velikii Novgorod, was arrested by Finnish police in August 2015. He was arrested for his role in the development and diffusion of the Ebury Linux botnet.
“A Russian citizen was sentenced today for his participation in a criminal enterprise that installed and exploited malicious computer software (malware) on tens of thousands of computer servers throughout the world to generate millions of dollars in fraudulent payments.” reads the press release issued by the DoJ.
Finnish authorities extradited him to the United States in February 2016 to face charges, the man pleaded guilty in March.
The Ebury Linux Trojan is an SSH backdoor that has been circulating since 2011, it allows attackers to gain full control on the infected systems.
Experts estimated that the Ebury botnet was composed of thousands of compromised Linux systems, it was able to send over 35 million spam messages and redirecting more than 500,000 online visitors to exploit kits every day.
Senakh and his co-conspirators leveraged the Ebury botnet to generate and redirect internet traffic to commit advertising click frauds and power spam campaigns.
“Working within a massive criminal enterprise, Maxim Senakh helped create a sophisticated infrastructure that victimized thousands of Internet users across the world,” continues the DoJ.
“As society becomes more reliant on computers, cyber criminals like Senakh pose a serious threat. This Office, along with our law enforcement partners, is committed to detecting and prosecuting cyber criminals no matter where they reside.”
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(Security Affairs – Ebury botnet, cybercrime)
[adrotate banner=”13″]
CISA adds Cisco ASA and FTD and CrushFTP VFS vulnerabilities to its Known Exploited Vulnerabilities…
U.S. CISA added the Windows Print Spooler flaw CVE-2022-38028 to its Known Exploited Vulnerabilities catalog.…
The U.S. Department of Justice (DoJ) announced the arrest of two co-founders of a cryptocurrency mixer…
Google addressed a critical Chrome vulnerability, tracked as CVE-2024-4058, that resides in the ANGLE graphics…
Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November…
A malware campaign has been exploiting the updating mechanism of the eScan antivirus to distribute…
This website uses cookies.